GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
5,519 advisories
Filter by severity
There is an information leakage vulnerability in FusionCompute 6.5.1, eCNS280_TD V100R005C00 and...
Moderate
Unreviewed
CVE-2021-37036
was published
Nov 24, 2021
Under certain conditions SAP Business Objects Business Intelligence Platform - versions 420, 430,...
Moderate
Unreviewed
CVE-2022-24398
was published
Mar 11, 2022
Information Leak Vulnerability exists in the Xiaomi Router AX6000. The vulnerability is caused by...
Moderate
Unreviewed
CVE-2020-14112
was published
Mar 11, 2022
When connecting to a certain port Axeda agent (All versions) and Axeda Desktop Server for Windows...
Moderate
Unreviewed
CVE-2022-25248
was published
Mar 17, 2022
The WebReporting module in F-Secure Policy Manager 7.x, 8.00 before hotfix 2, 8.1x before hotfix...
Moderate
Unreviewed
CVE-2011-1103
was published
May 17, 2022
IBM WebSphere Portal 6.0.1.1 through 7.0.0.0, as used in IBM Lotus Web Content Management (WCM)...
Moderate
Unreviewed
CVE-2011-0679
was published
May 17, 2022
Html-edit CMS 3.1.8 allows remote attackers to obtain sensitive information via a direct request...
Moderate
Unreviewed
CVE-2010-4611
was published
May 17, 2022
MyBB (aka MyBulletinBoard) before 1.4.12 does not properly handle a configuration with a visible...
Moderate
Unreviewed
CVE-2010-4625
was published
May 17, 2022
An information disclosure vulnerability exists due to the hardcoded TLS key of reolink RLC-410W...
Moderate
Unreviewed
CVE-2022-21199
was published
Jan 29, 2022
Active IQ Unified Manager for VMware vSphere, Linux, and Microsoft Windows versions prior to 9...
Moderate
Unreviewed
CVE-2022-23235
was published
Aug 26, 2022
Accounted time is shown in the Ticket Detail View (External Interface), even if ExternalFrontend:...
Moderate
Unreviewed
CVE-2022-1004
was published
Mar 22, 2022
IBM Business Automation Workflow 18.0, 19.0, 20.0, and 21.0 and IBM Business Process Manager 8.5...
Moderate
Unreviewed
CVE-2021-39046
was published
Mar 19, 2022
This issue was addressed with improved checks. This issue is fixed in tvOS 15.4, iOS 15.4 and...
Moderate
Unreviewed
CVE-2022-22621
was published
Mar 19, 2022
Unspecified vulnerability in the mod_mono module for XSP in Mono 2.8.x before 2.8.2 allows remote...
Moderate
Unreviewed
CVE-2010-4225
was published
May 17, 2022
admin/upgrade_unattended.php in MantisBT before 1.2.4 allows remote attackers to obtain sensitive...
Moderate
Unreviewed
CVE-2010-4349
was published
May 17, 2022
SAP BusinessObjects Enterprise XI 3.2 allows remote attackers to trigger TCP connections to...
Moderate
Unreviewed
CVE-2010-3982
was published
May 17, 2022
Photos in Apple iOS before 4.2 enables support for HTTP Basic Authentication over an unencrypted...
Moderate
Unreviewed
CVE-2010-3831
was published
May 17, 2022
The Old Charts implementation in Bugzilla 2.12 through 3.2.8, 3.4.8, 3.6.2, 3.7.3, and 4.1...
Moderate
Unreviewed
CVE-2010-3764
was published
May 17, 2022
ImageIO in Apple iOS before 8.4.1 and OS X before 10.10.5 does not properly initialize an...
Moderate
Unreviewed
CVE-2015-5781
was published
May 17, 2022
The Sandbox_profiles component in Apple iOS before 8.4.1 allows attackers to bypass the third...
Moderate
Unreviewed
CVE-2015-5749
was published
May 17, 2022
An information disclosure vulnerability in Webadmin allows an unauthenticated remote attacker to...
Moderate
Unreviewed
CVE-2022-0331
was published
Mar 30, 2022
Wyse Device Agent version 14.6.1.4 and below contain a sensitive data exposure vulnerability. A...
Moderate
Unreviewed
CVE-2022-23158
was published
Apr 2, 2022
Wyse Device Agent version 14.6.1.4 and below contain a sensitive data exposure vulnerability. A...
Moderate
Unreviewed
CVE-2022-23157
was published
Apr 2, 2022
The JobMonster Theme was vulnerable to Directory Listing in the /wp-content/uploads/jobmonster/...
Moderate
Unreviewed
CVE-2022-1166
was published
Apr 5, 2022
An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in...
Moderate
Unreviewed
CVE-2021-43205
was published
Apr 7, 2022
ProTip!
Advisories are also available from the
GraphQL API